Question

Hello, I have a new twiki where the users are identified in https mode by their personal certificate's DN, which is transformed by the magic of Apache option FakeBasicAuth into a rather long REMOTE_USER which Twiki picks up as their USERNAME. So they don't need to register explicitly. But the WIKINAME they are then also given is of the form "CN=JohnSmith", the last part of the DN, rather than the more obvious "JohnSmith".

I'm unclear what is actually setting the WIKINAME and whether I can tweak it to remove the "CN=" prefix. Can anyone point this out?

I see there is a plugin called FakeBasicAuthRegPlugin but I haven't added it as it may be for previous Twiki releases, and I'm so close to something that works well anyway. Any help very welcome!

Environment

-- LawrenceLowe - 01 Jul 2008

Answer

If you answer a question - or have a question you asked answered by someone - please remember to edit the page and set the status to answered. The status is in a drop-down list below the edit box.

You're probably using the SSLUsername directive somewhere in apache's configuration files. I see you're using apache 2.0.52. There used to be a patch for apache 2.0.54 to fix the value of REMOTE_USER environnement variable, when using FakeBasicAuth and SSLUserName .

1. Upgrade, if possible, to the latest stable production release of apache for your environnement : the REMOTE_USER 's variable should then be updated with the appropriate value.
2. If not, see http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#envvars
3. See also https://issues.apache.org/bugzilla/buglist.cgi?quicksearch=SSLUsername

-- OlivierThompson - 06 Jul 2008